<?php
	include_once dirname(dirname(dirname(__FILE__)))."/include/db_connect.php";



function getProductionsApplyBySUserId($s_user_id){

	$conn=get_db_conn();
	$sql='select aa.* from productions_apply aa  where aa.s_user_id='.$s_user_id;
	$result=mysql_query($sql,$conn) or die (mysql_error());
	$ret = mysql_fetch_array($result);
	mysql_close($conn);
	return $ret;	
}
	function dowith_sql($str){
	$str = str_replace("and","",$str);
	$str = str_replace("execute","",$str);
	$str = str_replace("update","",$str);
	$str = str_replace("count","",$str);
	$str = str_replace("chr","",$str);
	$str = str_replace("mid","",$str);
	$str = str_replace("master","",$str);
	$str = str_replace("truncate","",$str);
	$str = str_replace("char","",$str);
	$str = str_replace("declare","",$str);
	$str = str_replace("select","",$str);
	$str = str_replace("create","",$str);
	$str = str_replace("delete","",$str);
	$str = str_replace("insert","",$str);
	$str = str_replace("'","",$str);
	//$str = str_replace(""","",$str);
	$str = str_replace(" ","",$str);
	$str = str_replace("or","",$str);
	$str = str_replace("=","",$str);
	$str = str_replace("%20","",$str);
	//echo $str;
	return $str;
}

function alertInfo($msg,$url) {
	echo '<!DOCTYPE html><html><head><script>alert("'.$msg.'");
		window.location="'.$url.'";</script></head><body></body></html>';
}

function addProductionsApply($params){
	$col="";
	$val="";
	foreach ($params as $key => $item) {
		$col.=",".$key;
		$val.=",".$item;
	}
	$sql = "insert into productions_apply(".substr($col, 1).") values (".substr($val, 1).");";
	$conn = get_db_conn();
	if(mysql_query($sql,$conn))return true;
	else  {
		echo $sql;
		echo mysql_error();
		return false;
	}
	
}	

function addAccessory($params){
	$col="";
	$val="";
	foreach ($params as $key => $item) {
		$col.=",".$key;
		$val.=",".$item;
	}
	$sql = "insert into productions_accessory(".substr($col, 1).") values (".substr($val, 1).");";
	$conn = get_db_conn();
	if(mysql_query($sql,$conn))return true;
	else  {
		echo $sql;
		echo mysql_error();
		return false;
	}
	
}	


?>